| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Submitted by: ru
|
|
|
|
| |
Submitted by: ru
|
|
|
|
| |
Submitted by: ru
|
| |
|
|
|
|
|
| |
PR: kern/46983
Submitted by: David Holm <david@realityrift.com>
|
|
|
|
|
| |
PR: i386/53136, i386/51802
Submitted by: Kyunghwan Kim <redjade@atropos.snu.ac.kr>, Norikatsu Shigemura <nork@FreeBSD.org>
|
| |
|
|
|
|
| |
so make this beforehand.
|
|
|
|
|
|
|
|
|
| |
_ksd_readandclear_tmbx to be function-like. That way we
can define them as inline functions or create prototypes
for them.
This change allows the ksd interface on ia64 to be fully
inlined.
|
|
|
|
|
| |
PR: bin/53585
Submitted by: Alexey Dokuchaev <danfe@regency.nsu.ru>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1.2.3.4/24{5,6,7,10-20,60-90}
for set of ip addresses.
Previously you needed to specify every address in the range, which
was unconvenient and lead to very long lines.
Internally the set is still stored in the same way, just the
input and output routines are modified.
Manpage update still missing.
Perhaps a similar preprocessing step would be useful for port ranges.
MFC after: 3 days
|
|
|
|
|
|
| |
PR: docs/53625
Submitted by: Kostyuk Oleg <cub@cub.org.ua>
MFC after: 1 week
|
| |
|
| |
|
| |
|
|
|
|
| |
Add vm object locking to pmap_object_init_pt().
|
|
|
|
| |
Define THR_ALIGN to align at 16-byte boundaries.
|
|
|
|
|
| |
macro that expands to atomic_swap_long() to avoid compiler warnings
caused by incompatible pointer passing.
|
| |
|
|
|
|
|
| |
in a machine specific makefile. While here, sort the sub-directories
in Makefile and remove _atomic_lock.S from all makefiles.
|
|
|
|
| |
Submitted by: rwatson
|
| |
|
|
|
|
|
|
|
|
|
| |
read permision only required for listing, read/write required for
read/write to registers
fix a possible memory leak
clean up error handling a bit
Reviewed by: silence
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the MAC policy modules to improve robustness against C string
bugs and vulnerabilities. Following these revisions, all
string construction of labels for export to userspace (or
elsewhere) is performed using the sbuf API, which prevents
the consumer from having to perform laborious and intricate
pointer and buffer checks. This substantially simplifies
the externalization logic, both at the MAC Framework level,
and in individual policies; this becomes especially useful
when policies export more complex label data, such as with
compartments in Biba and MLS.
Bundled in here are some other minor fixes associated with
externalization: including avoiding malloc while holding the
process mutex in mac_lomac, and hence avoid a failure mode
when printing labels during a downgrade operation due to
the removal of the M_NOWAIT case.
This has been running in the MAC development tree for about
three weeks without problems.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
| |
Change the entry for Turing's birthday to be the same as in
calendar.birthday. This enables cron jobs to uniq(1) the entry.
|
|
|
|
|
|
|
|
|
| |
attributes from objects over vop_setextattr() with a NULL uio; if
the file system doesn't support the vop_rmextattr() method, fall
back to the vop_setextattr() method.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
| |
interface, rather than relying on a NULL uio for the deletion
operation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
|
|
|
| |
specify what credential to use when authorizing vn_open() and later
write operations, rather than curthread->td_ucred.
When writing KTR traces to an ALQ, specify the credential of the thread
generating the sysctl request.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
| |
|
|
|
|
|
|
| |
releasing the lock only if we are about to sleep (e.g., vm_pager_get_pages()
or vm_pager_has_pages()). If we sleep, we have marked the vm object with
the paging-in-progress flag.
|
|
|
|
|
|
|
| |
that the lock should not be checked.
Skip the lock assertion checks for *vpp or any other pointer to a vnode
pointer if vpp (or equivalent) is NULL.
|
|
|
|
| |
Also consolidate building rules for special files.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"ipid" options. This feature has been requested by several users.
On passing, fix some minor bugs in the parser. This change is fully
backward compatible so if you have an old /sbin/ipfw and a new
kernel you are not in trouble (but you need to update /sbin/ipfw
if you want to use the new features).
Document the changes in the manpage.
Now you can write things like
ipfw add skipto 1000 iplen 0-500
which some people were asking to give preferential treatment to
short packets.
The 'MFC after' is just set as a reminder, because I still need
to merge the Alpha/Sparc64 fixes for ipfw2 (which unfortunately
change the size of certain kernel structures; not that it matters
a lot since ipfw2 is entirely optional and not the default...)
PR: bin/48015
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
| |
policy definition structure; this permits policies to reduce their
number of gratuitous includes for required for entry points they
don't implement. This also facilitates building the MAC Framework
on Darwin.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
|
|
|
|
|
|
|
|
|
|
|
| |
and does not fit into a floppy anymore (1403kb available).
There is not much you can do now except bumping up the image size
(by uncommenting the "fd_size=2880" line in ./config),
at which point you can uncomment sshd, the associated library,
and all the good stuff such as tcpdump and natd and ppp that
you might want on such a box.
A similar change should be applied to other picobsd image types.
|
|
|
|
|
|
| |
and remove the count for devices "sc" and "atkbdc"
This change does not apply to RELENG_4.
|
|
|
|
| |
Currently, we cannot increase KVA more than 2GB.
|
|
|
|
|
| |
'netstat -r' work.
- Use direct map for /dev/mem.
|
|
|
|
|
|
| |
Reviewed by: peter
- Use direct map in pmap_mapdev().
|
|
|
|
|
|
| |
deal with any more.
Spotted by: "Darren Freestone" <df@cops.org>
|
| |
|
|
|
|
| |
Reviewed by: phk
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Several of the subtypes have an associated vnode which is used for
stuff like the f*() functions.
By giving the vnode a speparate field, a number of checks for the specific
subtype can be replaced simply with a check for f_vnode != NULL, and
we can later free f_data up to subtype specific use.
At this point in time, f_data still points to the vnode, so any code I
might have overlooked will still work.
|
| |
|
| |
|
|
|
|
| |
be used to retrieve list of all available keywords now.
|
| |
|
|
|
|
|
|
|
|
| |
also fix a slight bogon that assumed an fd of 0 was not valid. Changed
it to be -1.
PR: bin/25017
Submitted by: Martin Kammerhofer
|
|
|
|
|
| |
PR: i386/38299
Submitted by: Rob Schulhof <rrs@there.net>
|